Adversaries may implant cloud or container images with malicious code to establish persistence after gaining access to an environment. Amazon Web Services (AWS) Amazon Machine Images (AMIs), Google Cloud Platform (GCP) Images, and Azure Images as well as popular container runtimes such as Docker can be implanted or backdoored. Unlike Upload Malware, this technique focuses on adversaries implanting an image in a registry within a victim’s environment. Depending on how the infrastructure is provisioned, this could provide persistent access if the infrastructure provisioning tool is instructed to always use the latest image.(Citation: Rhino Labs Cloud Image Backdoor Technique Sept 2019)
A tool has been developed to facilitate planting backdoors in cloud container images.(Citation: Rhino Labs Cloud Backdoor September 2019) If an adversary has access to a compromised AWS instance, and permissions to list the available container images, they may implant a backdoor such as a Web Shell.(Citation: Rhino Labs Cloud Image Backdoor Technique Sept 2019)
View in MITRE ATT&CK®| Capability ID | Capability Description | Mapping Type | ATT&CK ID | ATT&CK Name | Notes |
|---|---|---|---|---|---|
| artifact_analysis | Artifact Analysis | technique_scores | T1525 | Implant Internal Image |
Comments
Artifact Analysis performs vulnerability scans on artifacts in Artifact Registry or Container Registry (deprecated). When Artifact Analysis is deployed, this security solution can detect known vulnerabilities in Docker containers. This information can be used to detect images that deviate from the baseline norm, and could indicate a malicious implanted images in the environment. Due to the medium threat detection coverage and temporal factor, the control was scored as partial.
References
|
| binary_authorization | Binary Authorization | technique_scores | T1525 | Implant Internal Image |
Comments
Each image has a signer digitally sign using a private key. At deploy time, the enforcer uses the attester's public key to verify the signature in the attestation.
References
|
| gke_enterprise | GKE Enterprise | technique_scores | T1525 | Implant Internal Image |
Comments
GKE Enterprise incorporates the Anthos Config Management feature to prevent configuration drift with continuous monitoring of your cluster state, using the declarative model to apply policies that enforce compliance. This control can periodically check the integrity of images and containers used in cloud deployments to ensure that adversaries cannot implant malicious code to gain access to an environment.
References
|
| google_kubernetes_engine | Google Kubernetes Engine | technique_scores | T1525 | Implant Internal Image |
Comments
After scanning for vulnerabilities, this control may alert personnel of tampered container images that could be running in a Kubernetes cluster.
References
|
| security_command_center | Security Command Center | technique_scores | T1525 | Implant Internal Image |
Comments
SCC is able to detect modifications that were not not part of the original container image. Because of the high threat detection coverage and near-real time temporal factor this control was graded as significant.
References
|
| Capability ID | Capability Description | Mapping Type | ATT&CK ID | ATT&CK Name | Notes |
|---|---|---|---|---|---|
| aws_config | AWS Config | technique_scores | T1525 | Implant Internal Image |
Comments
The following AWS Config managed rules can identify running instances that are not using AMIs within a specified allow list: "approved-amis-by-id" and "approved-amis-by-tag", both of which are run on configuration changes. This does not provide detection of the image implanting itself, but does provide detection for any subsequent use of images that are implanted and not present within the allow list, resulting in a score of Minimal.
References
|